Method and system for requiring authorization for a job prior to processing

ABSTRACT

A method, computer readable medium, and for requiring external authorization for a job prior to processing includes determining for a job if external authorization for at least one is item is approved and processing the job if the determining if external authorization is approved determines that the external authorization for the at least one item is approved.

FIELD

[0001] he present invention generally relates to methods and systems forauthorization and, more particularly, to a method and system forrequiring external authorization for a job prior to processing.

BACKGROUND

[0002] In a typical networked environment, a plurality of differenttypes of devices, such as computer work stations, printers, facsimilemachines, and copiers, are coupled together. In this environment, eachof the devices is permitted to interact with the other devices. However,at times it may be desirable to control the access to one or more of thedevices.

[0003] One prior system for providing this type of control required amanual input of a user identification and an account identification at aparticular device before the device could be used. Although this systemadded a level of control and protection, it did not always provide anadequate level of security. If an unauthorized individual obtained theappropriate user identification and the account identification, thisindividual could gain access to using a device, even if that particularoperator was not normally permitted such access.

SUMMARY OF THE INVENTION

[0004] A method and a computer readable medium having stored thereoninstructions for requiring authorization for a job prior to processingin accordance with embodiments of the present invention includesdetermining for a job if external authorization for at least one is itemis approved and processing the job if the determining if externalauthorization is approved determines that the external authorization forthe at least one item is approved.

[0005] A system for requiring authorization for a job prior toprocessing in accordance with embodiments of the present inventionincludes an approval system and a job processing system. The approvalsystem determines for a job at a first system if external authorizationfrom a remote system for at least one is item is approved. The jobprocessing system processes the job at the first system if the approvalsystem determines that the external authorization for the at least oneitem is approved.

[0006] The present invention provides a more extensive and powerfulauthentication system and method. With the present invention, a systemhas better control over who uses a particular device and whichoperations are enabled by involving an external authorization processoutside of the system. Additionally, the present invention assists indiscovering and preventing misuse of the system through theauthorization process and by keeping a log of activity in the system.

BRIEF DESCRIPTION OF THE DRAWINGS

[0007]FIG. 1 is a block diagram of a system for requiring externalauthorization for a job prior to processing in accordance withembodiments of the present invention;

[0008]FIG. 2 is a flow chart of a method for system for requiringexternal authorization for a job prior to processing in accordance withembodiments of the present invention; and

[0009]FIG. 3 is a flow chart of a method for determining ifauthorization is approved used in the method illustrated in FIG. 2.

DETAILED DESCRIPTION

[0010] A system 10 for requiring external authorization for a job priorto processing in accordance with embodiments of the present invention isillustrated in FIG. 1. The system 10 includes a printer device 12 andworkstations 14(1)-14(3) coupled together via a network 16, although thesystem 10 may include different kinds and numbers of components. Thepresent invention provides a more extensive and powerful authenticationsystem and method which requires external authorization before a job isprocessed.

[0011] Referring to FIG. 1, system 10 includes a printer device 12, suchas printer, facsimile machine, or copier, and a plurality of computerworkstations at remote locations, although system 10 can include othernumbers and types of components. Each of the computer workstations hase-mail capabilities, as well as other types of functions which can beperformed.

[0012] The printer device 12 includes a processor 18, a memory storagedevice 20, a user input device 22, a display 24, and an input/output(I/O) unit 26 which are coupled together by a bus system or other link28, although the printer device 12 may comprise other numbers of andcombinations of components.

[0013] The processor 18 may execute one or more programs of storedinstructions for the method for requiring external authorization for ajob prior to processing in accordance with one embodiment of the presentinvention as described herein and illustrated in FIGS. 2-3. In thisparticular embodiment, these programmed instructions are stored inmemory and are executed by processor 18 in printer device 12, althoughsome or all of those programmed instructions could be stored andretrieved from and also executed at other locations, such as in one ormore of the computer work stations 14(1)-14(3). A variety of differenttypes of memory storage devices, such as a random access memory (RAM) ora read only memory (ROM) in the system or a floppy disk, hard disk, CDROM, or other computer readable medium which is read from and/or writtento by a magnetic, optical, or other reading and/or writing system thatis coupled to the processor 18, can be used for memory.

[0014] The user input device 22 permits an operator to enter data intothe in printer device 12, such as parameters relating to the tables forexternal authorization or the first waiting period of time forresponses. A variety of different types devices can be used for userinput device 22, such as a keyboard, a computer mouse, or an interactivedisplay screen.

[0015] The display or graphical user interface 24 is used to showinformation to the operator, such as the status of the authorization ofitems for the job. A variety of different of devices can be used for thedisplay 24, such as a CRT or flat panel display.

[0016] The I/O unit 26 is used to couple the printing device to computerwork stations 14(1)-14(3), although I/O unit 26 can be used to couplethe printer device 12 to other components. A variety of different I/Odevices can be used with a variety of different communication protocols.

[0017] The network 16 is the Internet, although other types of networkscan be used, such as an a local area network, a wide area network, atelephone line network, a coaxial cable network, and a wireless networkscan be used. The network 16 enables printer device 12 and computer workstations 14(1)-14(3) to communicate with each other.

[0018] The operation of the system 10 for requiring externalauthorization for a job prior to processing in accordance withembodiments of the present invention will now be described withreference to FIGS. 1-3. Referring more specifically to FIG. 2, theoperation starts at step 100 where a job, such as a print job, isentered or otherwise obtained at print device. The printer device 12puts the job on hold pending a determination about externalauthorization.

[0019] In step 102, the printer device 12 determines if externalauthorization for an operation or operations, such as printing orfaxing, in the job is needed. External authorization means the printerdevice 12 must receive an additional approval(s) external from theprinter device 12 before the job can be processed. The printer device 12has a table stored in memory which specifies operations which requireexternal authorization. Authorization for an operation means obtainingauthorization for a functional operation of a device, such as printingor copying. Authorization for a user identification means obtainingauthorization for a particular individual who wants to use the devicefor the job. Authorization for an account identification meansauthorization for a specified account for the job, such as for a billingaccount to keep track of charges for the job. If external authorizationfor the operation in the job is not needed, then the No branch is takento step 108, although other arrangements can be used, such as permittingthe processing of the job to take place. If external authorization forthe operation for the job is needed, then the Yes branch is taken tostep 104.

[0020] In step 104, the printer device 12 determines if authorizationfor the operation for the job is approved as explained in greater detailbelow with reference to FIG. 3. If authorization is not approved, thenthe No branch is taken to step 106 where the job is cancelled and theowner or originator of the job is notified of the cancellation. Ifauthorization is approved, then the Yes branch is taken to step 108,although other arrangements can be used, such as permitting theprocessing of the job to take place. The printer device 12 logs approvalor rejection of the job in a log stored in memory.

[0021] In step 108, the printer device 12 determines if externalauthorization for a user identification is needed. The printer device 12has a table stored in memory which specifies user identifications whichrequire external authorization. If external authorization for the useridentification for the job is not needed, then the No branch is taken tostep 114, although other arrangements can be used, such as permittingthe processing of the job to take place. If external authorization forthe user identification for the job is needed, then the Yes branch istaken to step 110.

[0022] In step 110, the printer device 12 determines if authorizationfor the user identification is approved as explained in greater detailbelow with reference to FIG. 3. If authorization is not approved, thenthe No branch is taken to step 112 where the job is cancelled and theowner or originator of the job is notified of the cancellation. Ifauthorization is approved, then the Yes branch is taken to step 114,although other arrangements can be used, such as permitting theprocessing of the job to take place. The printer device 12 logs approvalor rejection of the job in a log stored in memory.

[0023] In step 114, the printer device 12 determines if externalauthorization for an account identification for the job is needed asexplained in greater detail below with reference to FIG. 3. The printerdevice 12 has a table stored in memory which specifies accountidentifications which require external authorization. If externalauthorization for the operation for the job is not needed, then the Nobranch is taken to step 120 where the job is processed, although otherarrangements can be used. If external authorization for the accountidentification for the job is needed, then the Yes branch is taken tostep 1116.

[0024] In step 116, the printer device 12 determines if authorizationfor the account identification is approved. If authorization is notapproved, then the No branch is taken to step 118 where the job iscancelled and the owner or originator of the job is notified of thecancellation. If authorization is approved, then the Yes branch is takento step 120 where the job is processed, although other arrangements canbe used. The printer device 12 logs approval or rejection of the job ina log stored in memory.

[0025] Although three different types of external authorizations aredisclosed, other types and combinations of external authorizations canbe used in printer device 12. For example, the printer device 12 maysimply require approval of authorization for just one of the operationin the job, the user identification, or the account identification orsome other combination of these or other items. Additionally, approvalof the external authorization may be needed from just one authorizingparty, two or more authorizing parties in a set of authorizing partiesthat were requested to give approval, or from all authorizing partieswhich were notified. Further, although the present invention is beingexecuted in the printer device 12, the present invention can be executedin other systems, such as in one or more of the computer work stations14(1)-14(3).

[0026] Referring to FIG. 3, the process for determining if externalauthorization is approved in steps 104, 110, and 116 is described ingreater detail. For each item, e.g. an operation, user identification,or account identification, requiring external authorization, a tablestored in memory specifies the number of external authorizationsrequired and the authorizing party or parties and their e-mail addressat their work station or stations that can authorize the job. In step150, the printer device 12 identifies the necessary authorizing party orparties at one or more computer work stations 14(1)-14(3) needed for theapproval of the external authorization.

[0027] In step 152, the request or requests for authorization aretransmitted to the identified necessary authorizing party or parties atone or more computer work stations 14(1)-14(3). The request or requestsare sent via e-mail using the Internet to the authorizing party orparties, although other types of communication systems and other typesof networks can be used. Each of the authorizing party or partiesreviews and determines whether to approve or reject the request forauthorization.

[0028] In step 154, one or more responses to the request or requests forauthorization are received by the printer device 12 from the authorizingparty or parties at the computer work stations 14(1)-14(3).

[0029] In step 156, the printer device 12 determines if each of theresponses is from one of the authorizing party or parties. If a responseis not from one of the authorizing parties which was originallyidentified and sent a request for authorization, then in step 158 theprinter device 12 ignores the unauthorized response.

[0030] In step 160, the printer device 12 determines if the necessarynumber of responses to the requests for external authorization arereceived. The printer device 12 can be configured to require aparticular minimum number of responses to the requests which were sentout. For example, the printer device 12 can be configured to requirejust one response to one or more requests or at least three responses tofive requests for external authorization to be received. If thenecessary number of responses to the requests for external authorizationare received, then the Yes branch is taken to step 168. If the necessarynumber of responses to the requests for external authorization are notreceived, then the Yes branch is taken to step 162.

[0031] In step 162, the printer device 12 determines if a first waitingperiod of time for receiving responses has expired. The time for thefirst waiting period can be set as desired for the particularapplication in the printer device 12. If the first waiting period oftime has not expired, then the No branch is taken to step 154 where anadditional response or responses may be received. In step 156, theprinter device 12 will check if each of the new responses is from anauthorizing party as described earlier. In step 160, the printer device12 determines if the necessary response or responses to the request orrequests for external authorization are received as described earlier.If the first waiting period of time has expired, then the Yes branch istaken to step 166 where the job is cancelled.

[0032] In step 168, the printer device 12 determines if based on theresponse or responses to the requests if external authorization isapproved. The number of responses needed to approve authorization can beset in the printer device 12 as needed for the particular application.For example, the printer device 12 may simply require one response whichapproves the request for authorization or may need four responses whichapproves the request for authorization. If authorization is notapproved, then the No branch is taken to step 106, 112, or 118 in FIG. 2where the job is cancelled. If authorization is approved, then the Yesbranch is taken to step 108, 114, or 120 in FIG. 2 as described earlier.

[0033] Accordingly, with the present invention a system has bettercontrol over who uses a particular device and which operations areenabled by involving an external authorization process outside of thesystem. Additionally, the present invention assists in discovering andpreventing misuse of the system through the authorization process and bykeeping a log of activity in the system. This log can be reviewed by anoperator to identify potential misuse of devices within the system.

[0034] While particular embodiments have been described above,alternatives, modifications, variations, improvements, and substantialequivalents that are or may be presently unforeseen may arise toapplicants or others skilled in the art. Accordingly, the appendedclaims as filed, and as they may be amended, are intended to embrace allsuch alternatives, modifications, variations, improvements, andsubstantial equivalents. Further, the recited order of processingelements or sequences, or the use of numbers, letters, or otherdesignations therefore, is not intended to limit the claimed processesto any order except as may be specified in the claims.

What is claimed is:
 1. A method comprising: determining for a job ifexternal authorization for at least one item is approved; and processingthe job if the determining if external authorization is approveddetermines that the external authorization for the at least one item isapproved.
 2. The method as set forth in claim 1 further comprisingcanceling the job if the determining if external authorization isapproved determines that the external authorization for the at least oneitem is not approved.
 3. The method as set forth in claim 2 furthercomprising keeping a log of the processing and the canceling for thejob.
 4. The method as set forth in claim 1 wherein the at least one itemcomprises at least one of an operation for the job, a useridentification for the job, and an account identification for the job.5. The method as set forth in claim 1 wherein the determining for a jobif external authorization for at least one is item is approved furthercomprises: determining for a job if external authorization for at leastone operation in the job is approved; determining for a job if externalauthorization for at least one user identification for the job isapproved; and determining for a job if external authorization for atleast one account identification is approved.
 6. The method as set forthin claim 5 wherein the processing the job further comprises processingthe job if the determining if external authorization is approveddetermines that external authorization is approved for the operation,the user identification and the account identification.
 7. The method asset forth in claim 1 further comprising determining for the job ifexternal authorization for the at least one item is needed, wherein thedetermining if external authorization is approved determines if externalauthorization is approved for the at least one item determined to beneeded.
 8. The method as set forth in claim 1 wherein the determining ifexternal authorization is approved further comprises: transmitting atleast one request for approval of external authorization to at least oneauthorizing party; and determining if the at least one response receivedfor the at least one request approves the external authorization.
 9. Themethod as set forth in claim 1 wherein the determining if externalauthorization is approved further comprises: transmitting a plurality ofrequests for approval of external authorization to a plurality ofauthorizing parties; and determining if responses received for theplurality of requests approve the external authorization, wherein atleast two or more of the responses must approve the externalauthorization for the approval to be granted.
 10. The method as setforth in claim 8 wherein the determining if external authorization isapproved further comprises identifying the at least one authorizingparty which can provide external authorization for the at least oneitem, wherein the transmitting transmits the at least one request to theidentified at least one authorizing party.
 11. The method as set forthin claim 10 wherein the determining if external authorization isapproved further comprises determining if the at least one responsereceived for the at least one request is from the identified at leastone authorizing party, wherein the at least one response is ignored ifit is not from the identified at least one authorizing party.
 12. Themethod as set forth in claim 8 wherein the determining if externalauthorization is approved further comprises: determining if a firstnecessary number of the at least one response have been received fromthe identified at least one authorizing party; and waiting a firstperiod of time if the first necessary number of the at least oneresponses have not yet been received, wherein the job is cancelled ifthe first period of time expires and the first necessary number had notbeen reached.
 13. A computer readable medium having stored thereoninstructions for requiring external authorization for a job prior toprocessing which when executed by a processor, causes the processor toperform the steps of: determining for a job if external authorizationfor at least one is item is approved; and processing the job if thedetermining if external authorization is approved determines that theexternal authorization for the at least one item is approved.
 14. Themedium as set forth in claim 13 further comprising canceling the job ifthe determining if external authorization is approved determines thatthe external authorization for the at least one item is not approved.15. The medium as set forth in claim 14 further comprising keeping a logof the processing and the canceling for the job.
 16. The medium as setforth in claim 13 wherein the at least one item comprises at least oneof an operation for the job, a user identification for the job, and anaccount identification for the job.
 17. The medium as set forth in claim13 wherein the determining for a job if external authorization for atleast one is item is approved further comprises: determining for a jobif external authorization for at least one operation in the job isapproved; determining for a job if external authorization for at leastone user identification for the job is approved; and determining for ajob if external authorization for at least one account identification isapproved.
 18. The medium as set forth in claim 17 wherein the processingthe job further comprises processing the job if the determining ifexternal authorization is approved determines that externalauthorization is approved for the operation, the user identification andthe account identification.
 19. The medium as set forth in claim 13further comprising determining for the job if external authorization forthe at least one item is needed, wherein the determining if externalauthorization is approved determines if external authorization isapproved for the at least one item determined to be needed.
 20. Themedium as set forth in claim 13 wherein the determining if externalauthorization is approved further comprises: transmitting at least onerequest for approval of external authorization to at least oneauthorizing party; and determining if the at least one response receivedfor the at least one request approves the external authorization. 21.The medium as set forth in claim 13 wherein the determining if externalauthorization is approved further comprises: transmitting a plurality ofrequests for approval of external authorization to a plurality ofauthorizing parties; and determining if responses received for theplurality of requests approve the external authorization, wherein atleast two or more of the responses must approve the externalauthorization for the approval to be granted.
 22. The medium as setforth in claim 20 wherein the determining if external authorization isapproved further comprises identifying the at least one authorizingparty which can provide external authorization for the at least oneitem, wherein the transmitting transmits the at least one request to theidentified at least one authorizing party.
 23. The medium as set forthin claim 22 wherein the determining if external authorization isapproved further comprises determining if the at least one responsereceived for the at least one request is from the identified at leastone authorizing party, wherein the at least one response is ignored ifit is not from the identified at least one authorizing party.
 24. Themedium as set forth in claim 20 wherein the determining if externalauthorization is approved further comprises: determining if a firstnecessary number of the at least one response have been received fromthe identified at least one authorizing party; and waiting a firstperiod of time if the first necessary number of the at least oneresponses have not yet been received, wherein the job is cancelled ifthe first period of time expires and the first necessary number had notbeen reached.
 25. A system comprising: an approval system thatdetermines for a job at a first system if external authorization from aremote system for at least one is item is approved; and a job processingsystem that processes the job at the first system if the approval systemdetermines that the external authorization for the at least one item isapproved.
 26. The system as set forth in claim 25 further comprising ajob cancellation system that cancels the job if the approval systemdetermines that the external authorization for the at least one item isnot approved.
 27. The system as set forth in claim 25 further comprisinga storage device for a log of the item and a status of the approval. 28.The system as set forth in claim 25 wherein the at least one itemcomprises at least one of an operation for the job, a useridentification for the job, and an account identification for the job.29. The system as set forth in claim 25 wherein the approval systemdetermines for a job if external authorization for at least oneoperation in the job is approved, if external authorization for at leastone user identification for the job is approved, and if externalauthorization for at least one account identification is approved. 30.The system as set forth in claim 29 wherein the job processing systemprocesses the job if the approval system determines that externalauthorization is approved for the operation, the user identification andthe account identification.
 31. The system as set forth in claim 25further comprising an initial processing system that determines ifexternal authorization for the at least one item is needed, wherein theapproval system determines if external authorization is approved for theat least one item determined by the initial processing system to beneeded.
 32. The system as set forth in claim 25 wherein the approvalsystem further comprises a notification system that transmits at leastone request for approval of external authorization to at least oneauthorizing party at a remote system, wherein the approval systemdetermines if the at least one response received for the at least onerequest approves the external authorization.
 33. The system as set forthin claim 25 wherein the approval system further comprises a notificationsystem that transmits a plurality of requests for approval of externalauthorization to a plurality of authorizing parties at a remote system,wherein the approval system determines if responses received for theplurality of requests approve the external authorization, wherein atleast two or more of the responses must approve the externalauthorization for the approval to be granted.
 34. The system as setforth in claim 32 wherein the approval system further comprises anidentification system that identifies the at least one authorizing partyat the remote system which can provide external authorization for the atleast one item, wherein the notification system transmits the at leastone request to the identified at least one authorizing party.
 35. Thesystem as set forth in claim 34 wherein the approval system furthercomprises a confirmation system that determines if the at least oneresponse received for the at least one request is from the identified atleast one authorizing party, wherein the at least one response isignored if it is not from the identified at least one authorizing party.36. The system as set forth in claim 32 wherein the approval systemfurther comprises: a count processing system that determines if a firstnecessary number of the at least one response have been received fromthe identified at least one authorizing party at the remote system; anda timing system that waits a first period of time if the first necessarynumber of the at least one responses have not yet been received, whereinthe job is cancelled if the first period of time expires and the firstnecessary number had not been reached.